summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorAn-Cheng Huang <ancheng@vyatta.com>2010-08-12 16:06:51 -0700
committerAn-Cheng Huang <ancheng@vyatta.com>2010-08-12 16:06:51 -0700
commitae1b4711b34f6e64c4960224fff7b6805bd305d1 (patch)
tree569b7dfe123d6711c356d7522f1783abc710c648 /scripts
parent1ff0709169094e292607978912a63b891ed6ba53 (diff)
downloadvyatta-op-firewall-ae1b4711b34f6e64c4960224fff7b6805bd305d1.tar.gz
vyatta-op-firewall-ae1b4711b34f6e64c4960224fff7b6805bd305d1.zip
remove usages of CLI implementation details ("node.val", etc.).
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/firewall/vyatta-show-firewall.pl47
1 files changed, 11 insertions, 36 deletions
diff --git a/scripts/firewall/vyatta-show-firewall.pl b/scripts/firewall/vyatta-show-firewall.pl
index 385e003..5945cea 100755
--- a/scripts/firewall/vyatta-show-firewall.pl
+++ b/scripts/firewall/vyatta-show-firewall.pl
@@ -2,6 +2,7 @@
use lib "/opt/vyatta/share/perl5/";
use Vyatta::Config;
+use Vyatta::Interface;
use Vyatta::IpTables::Rule;
use Vyatta::IpTables::AddressFilter;
use Vyatta::Zone;
@@ -48,45 +49,19 @@ sub numerically { $a <=> $b; }
my $format1 = "%-5s %-8s %-9s %-8s %-40s";
my $format2 = " %-78s";
-### all interfaces firewall nodes
-#/ethernet/node.tag/pppoe/node.tag/firewall/<dir>/name/node.def
-#/ethernet/node.tag/vif/node.tag/firewall/<dir>/name/node.def
-#/ethernet/node.tag/firewall/<dir>/name/node.def
-#/adsl/node.tag/pvc/node.tag/pppoa/node.tag/firewall/<dir>/name/node.def
-#/adsl/node.tag/pvc/node.tag/pppoe/node.tag/firewall/<dir>/name/node.def
-#/adsl/node.tag/pvc/node.tag/classical-ipoa/firewall/<dir>/name/node.def
-#/tunnel/node.tag/firewall/<dir>/name/node.def
-#/serial/node.tag/cisco-hdlc/vif/node.tag/firewall/<dir>/name/node.def
-#/serial/node.tag/frame-relay/vif/node.tag/firewall/<dir>/name/node.def
-#/serial/node.tag/ppp/vif/node.tag/firewall/<dir>/name/node.def
-#/wirelessmodem/node.tag/firewall/<dir>/name/node.def
-
sub show_interfaces_zones {
my ($chain, $tree) = @_;
- my $cmd = "find /opt/vyatta/config/active/ "
- . "|grep -e '/firewall/[^/]\\+/$tree/node.val'"
- . "| xargs grep -l '^$chain\$'";
- my $ifd;
- return if (!open($ifd, "$cmd |"));
- my @ints = <$ifd>;
- # e.g.,
- #/opt/vyatta/config/active/interfaces/ethernet/eth1/firewall/in/name/node.val
- my $pfx = '/opt/vyatta/config/active/interfaces';
- my $sfx = "/$tree/node.val";
+
+ my $cfg = new Vyatta::Config;
my @int_strs = ();
- foreach (@ints) {
- my ($intf, $vif, $dir) = (undef, undef, undef);
- if (/^$pfx\/[^\/]+\/([^\/]+)(\/.*)?\/firewall\/([^\/]+)$sfx$/) {
- ($intf, $dir) = ($1, $3);
- $dir =~ y/a-z/A-Z/;
- } else {
- next;
- }
- if (/\/vif\/([^\/]+)\/firewall\//) {
- $vif = $1;
- push @int_strs, "($intf.$vif,$dir)";
- } else {
- push @int_strs, "($intf,$dir)";
+ for (Vyatta::Interface::get_all_cfg_interfaces(1)) {
+ my ($iname, $ipath) = ($_->{name}, $_->{path});
+ for my $dir ($cfg->listOrigNodes("$ipath firewall")) {
+ my $ichain = $cfg->returnOrigValue("$ipath firewall $dir $tree");
+ if (defined($ichain) and $ichain eq $chain) {
+ $dir =~ y/a-z/A-Z/;
+ push @int_strs, "($iname,$dir)";
+ }
}
}
if (scalar(@int_strs) > 0) {